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FINAL ACTION 

1 . Amendment A has been entered. 

2. Claims 1 , 9, 21 , 25, 33, 45, 49, and 50 are amended. Claims 51 -58 are new. 
Claim 1-58 are pending. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

3. Claims 1-10, 12, 16-19, 25-30, 32, 33, 36, 40-43, and 50-58 are rejected under 
35 U.S.C. 103(a) as being unpatentable over Krohn (US Patent Publication No. 
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2004/0236965) in view of Balfanz et al. (US Patent No. 7,392,387 and Balfanz 
hereinafter). 
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4. As to claim 1 , Krohn teaches a method of secure information distribution between 
nodes, the method comprising: 

Performing, by a first node a handshake (i.e., "hello message) process with an 
adjacent node (i.e., intermediate node) to determine (i.e., authorization) membership in 
a secure group (i.e., Krohn teaches sending a handshake message to a intermediate 
node (e.g. Identity provide) [Steps 1-8, fig.7] ; 

and distributing secure information from the first node (i.e., SSL version number, 
identifier) to the adjacent node (i.e., identity provider), if the adjacent node is proven to 
be a member of the secure group (i.e., Krohn teaches a the "hello message" handshake 
includes a SSL version and unique device identifier [par. 128, lines 4-10]). 

Krohn does not teach: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group; 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group; 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn as introduced by Balfanz . Balfanz 
discloses: 
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wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group (for 
purposes of a proving a key value in a handshake process Balfanz provides for the 
securing device and the potential member undertake a key exchange protocol of their 
choice to authenticate each other by ensuring that the public keys they use match the 
commitments made over the location-limited channel [col. 8, lines 34-43]); 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group (for the purpose of associated identifier value 
Balfanz provides for the securing device sends to the new member the new member 
certificate, the group root certificate, and any necessary supporting information about 
the group such that the new member can now establish communication with other group 
members [col. 8, lines 50-67]. 

Therefore, given the teachings of Balfanz, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn by employing the well known features of handshaking disclosed above by 
Balfanz , for which providing group membership to neighboring devices will be 
enhanced [col. 8, lines 50-67]. 
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5. As to claim 2, Krohn teaches a method further comprising: prior to providing the 
secure information (i.e., first node client certificate) to the adjacent node, performing the 
handshake process with another adjacent node (e.g., second node) (i.e., Krohn teaches 
a performing a handshake with a second node. Krohn teaches sending a first node 
client certificate after the handshake has been confirmed with second node [par. 38 
through par. 48]). 

6. As to claim 3, Krohn teaches a method further comprising: Establishing (i.e., 
creation) an encryption key with the adjacent node (i.e., Krohn teaches he handshake 
allows the server to authenticate itself to the client using public key techniques, then 
allows the client and server to cooperate in the creation of symmetric keys used for 
rapid encryption, decryption and tamper detection during the session that follows [par. 
105, lines 2-5]). 

7. As to claim 4, Krohn teaches a method where the encryption key comprises a 
public key (i.e., Krohn teaches in order to establish a secure link between the two 
devices a protocol known as the secure socket layer (SSL) protocol is used [par. 102, 
lines 1-4]. Krohn teaches the SSL protocol uses a combination of public key and 
symmetric key encryption [par. 104, lines 1-2]). 

8. As to claim 5, Krohn teaches a method where the encryption key comprises a 
symmetric key (i.e., Krohn teaches in order to establish a secure link between the two 



Application/Control Number: 10/812,607 Page 7 

Art Unit: 2431 

devices a protocol known as the secure socket layer (SSL) protocol is used [par. 102, 
lines 1-4]. Krohn teaches the SSL protocol uses a combination of public key and 
symmetric key encryption [par. 104, lines 1-2]). 

9. As to claim 6, Krohn teaches a method where the secure information is 
distributed along with an encryption key (i.e., Krohn teaches the creation of a pre- 
master secret key for the security association, encrypts the pre-master secret with the 
server device public key and sends the encrypted pre-master secret key to the server 
[par. 141, lines 7-13]). 

10. As to claim 7, Krohn teaches a method where the action of performing the 
handshaking process comprises: using a one way function f(x) (i.e., hash function) to 
determine if the adjacent node is a member of the secure group (i.e., Krohn teaches a 
message digest can be formed by a cryptographic algorithm, a "hash function" from the 
message content and a secret key known to both the server and identity provider [par. 
158, lines 1-3]). 

11. As to claim 8, Krohn teaches a method where the one way function f(x) is a 
secure hash function (i.e., Krohn teaches a message digest can be formed by a 
cryptographic algorithm, a "hash function" from the message content and a secret key 
known to both the server and identity provider [par. 158, lines 1-3]). 
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12. As to claim 9, Krohn teaches a method where the action of performing the 
handshaking process comprises: providing, by a first node (i.e. identity provider), a 
component value A1 (i.e., message content from identity provider) for a one way 
function f(x) (e.g., Hash Function) [par. 158, lines 1-4]; providing, by the adjacent node 
(i.e., second node), a component value B1 (i.e., message content from second node) as 
a challenge to the first node (i.e., Krohn teaches a message content [par. 158, lines 1- 
4]; and applying the component values A1 and Bl (i.e., message content), and a key 
value SGK (i.e., secret key) to the one way function f(x) (e.g. hash) to generate a value 
y (i.e. message digest) (i.e. Krohn teaches using a hash function generate a message 
digest [par. 158, lines 1-4]). 

1 3. As to claim 1 0, Krohn teaches a method where the one way function f(x) is a 
secure hash function (i.e., Krohn teaches a message digest can be formed by a 
cryptographic algorithm, a "hash function" from the message content and a secret key 
known to both the server and identity provider [par. 158, lines 1-3]). 

14. As to claim 12, Krohn teaches a method where the secure information comprises 
a key for secure communication (i.e., Krohn teaches security information comprises at 
least one of a security certificate, at least one security key, at least one public key and 
at least one private key [claim 50, lines 1-5]). 
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15. As to claim 16, Krohn teaches a method further comprising: determining an age 
(i.e., inspecting) of the secure information (e.g., X.509) so that each node in the secure 
group will store a latest version (e.g., X.509 version number) of the secure information 
(i.e., Krohn teaches the presenting a X.509 certificate to a node [par. 17, lines 1-3; par. 
19, linel]. The X.509 certificate inherently contains a version number for which can be 
checked. Krohn further teaches a intermediate node may inspect information sent 
[par.20, lines 1-2]). 

16. As to claim 17, Krohn teaches a method where the action of determining the age 
of the secure information comprises: checking (i.e., inspect) a sequence number (e.g., 
X.509 sequence number) of the secure information (e.g., X.509) to determine the age of 
the secure information (i.e., Krohn teaches the presenting a X.509 certificate to a node 
[par. 17, lines 1-3; par. 19, linel]. The X.509 certificate inherently contains a sequence 
number for which can be checked. Krohn further teaches a intermediate node may 
inspect information sent [par.20, lines 1-2]). 

17. As to claim 18, Krohn teaches a method where the action of determining the age 
of the secure information comprises: checking (i.e., inspect) a date of modification (i.e., 
validity) of the secure information (i.e., X.509) to determine the age of the secure 
information (i.e., Krohn teaches the presenting a X.509 certificate to a node [par. 17, 
lines 1-3; par. 19, linel]. The X.509 certificate inherently contains a validity field for 
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which validity can be check. Krohn further teaches a intermediate node may inspect 
information sent [par.20, lines 1-2]). 

18. As to claim 1 9, Krohn teaches a method where the action of determining the age 
of the secure information comprises: checking (i.e., inspect) an elapsed time (i.e., 
validity) since a previous modification of the secure information (i.e., X.509) to 
determine the age of the secure information (i.e., Krohn teaches the presenting a X.509 
certificate to a node [par. 17, lines 1-3; par. 19, linel]. The X.509 certificate inherently 
contains a validity field for which validity can be check. Krohn further teaches a 
intermediate node may inspect information sent [par.20, lines 1-2]). 

1 9. As to claim 25, Krohn teaches a apparatus for secure information distribution 
between nodes, the apparatus comprising: a node configured to performing a 
handshake process (i.e., "hello message) with an adjacent node (i.e., intermediate 
node/identity provider) to determine membership (i.e., authorization) in a secure group, 
and distribute secure information (i.e., SSL version number, identifier) to the adjacent 
node (i.e., identity provider), if the adjacent node is proven to be a member of the 
secure group (i.e., Krohn teaches sending a handshake message to a intermediate 
node (e.g. Identity provide) [Steps 1-8, fig.7]. Krohn teaches a the "hello message" 
handshake includes a SSL version and unique device identifier [par. 128, lines 4- 10]) 



Krohn does not teach: 
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wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group; 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group; 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn as introduced by Balfanz. Balfanz 
discloses: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group (for 
purposes of a proving a key value in a handshake process Balfanz provides for the 
securing device and the potential member undertake a key exchange protocol of their 
choice to authenticate each other by ensuring that the public keys they use match the 
commitments made over the location-limited channel [col. 8, lines 34-43]); 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group (for the purpose of associated identifier value 
Balfanz provides for the securing device sends to the new member the new member 
certificate, the group root certificate, and any necessary supporting information about 
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the group such that the new member can now establish communication with other group 
members [col. 8, lines 50-67]. 

Therefore, given the teachings of Balfanz , a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn by employing the well known features of handshaking disclosed above by 
Balfanz , for which providing group membership to neighboring devices will be 
enhanced [col. 8, lines 50-67]. 

20. As to claim 26, Krohn teaches a apparatus (i.e., intermediate node) where the 
node performs the handshake process with another adjacent node, prior to providing 
the secure information (i.e., first node client certificate) to the adjacent node (e.g., 
second node) (i.e., Krohn teaches a performing a handshake with a second node. 
Krohn teaches sending a first node client certificate after the handshake has been 
confirmed with second node [par. 38 through par. 48]). 

21 . As to claim 27, Krohn teaches a apparatus where the node is configured to 
establish (i.e., creation) an encryption key with the adjacent node (i.e., Krohn teaches 
he handshake allows the server to authenticate itself to the client using public key 
techniques, then allows the client and server to cooperate in the creation of symmetric 
keys used for rapid encryption, decryption and tamper detection during the session that 
follows [par. 105, lines 2-5]). 
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22. As to claim 28, Krohn teaches a apparatus where the encryption key comprises a 
public key (i.e., Krohn teaches in order to establish a secure link between the two 
devices a protocol known as the secure socket layer (SSL) protocol is used [par. 102, 
lines 1-4]. Krohn teaches the SSL protocol uses a combination of public key and 
symmetric key encryption [par. 104, lines 1-2]). 

23. As to claim 29, Krohn teaches a apparatus where the encryption key comprises a 
symmetric key (i.e., Krohn teaches in order to establish a secure link between the two 
devices a protocol known as the secure socket layer (SSL) protocol is used [par. 102, 
lines 1-4]. Krohn teaches the SSL protocol uses a combination of public key and 
symmetric key encryption [par. 104, lines 1-2]). 

24. As to claim 30, Krohn teaches a apparatus where the secure information is 
distributed along with an encryption key (i.e., Krohn teaches the creation of a pre- 
master secret key for the security association, encrypts the pre-master secret with the 
server device public key and sends the encrypted pre- master secret key to the server 
[par. 141, lines 7-13]). 24. As to claim 31, Krohn teaches a apparatus where the node is 
configured to use a one way function f(x) (e.g., hash function) to determine if the 
adjacent node is a member of the secure group (i.e., Krohn teaches a message digest 
can be formed by a cryptographic algorithm, a "hash function" from the message 
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content and a secret key known to both the server and identity provider [par. 158, lines 
1-3]). 



25. As to claim 32, Krohn teaches a apparatus where the one way function f(x) is a 
secure hash function (i.e., Krohn teaches a message digest can be formed by a 
cryptographic algorithm, a "hash function" from the message content and a secret key 
known to both the server and identity provider [par. 158, lines 1- 3]). 



26. As to claim 33, Krohn teaches a apparatus where the node is configured to 
provide a component value A1 (i.e., message content from identity provider) for a one 
way function f(x) (e.g., Hash Function) [par. 158, lines 1-4], and where the adjacent 
node (i.e., second node) is configured to provide a component value B1 (i.e., message 
content from second node) as a challenge to the first node (i.e., Krohn teaches a 
message content [par. 158, lines 1-4], and where the node and adjacent node are 
configured to apply the component values A1 and Bl (i.e., message content), and a key 
value SGK to the one way function f(x) to generate a value y (i.e., secret key) to the one 
way function f(x) (e.g. hash) to generate a value y (i.e. message digest) (i.e. Krohn 
teaches using a hash function generate a message digest (e.g., y) [par. 158, lines 1-4]). 



27. As to claim 34, Krohn teaches a apparatus where the one way function f(x) is a 
secure hash function (i.e., Krohn teaches a message digest can be formed by a 
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cryptographic algorithm, a "hash function" from the message content and a secret key 
known to both the server and identity provider [par. 158, lines 1-3]). 

28. As to claim 36, Krohn teaches a apparatus where the secure information 
comprises a key for secure communication (i.e., Krohn teaches security information 
comprises at least one of a security certificate, at least one security key, at least one 
public key and at least one private key [claim 50, lines 1-5]). 

29. As to claim 40, Krohn teaches a apparatus where the node is configured to 
determine (i.e. inspect) an age of the secure information (i.e., X.509 certificate) so that 
each node in the secure group will store a latest version of the secure information (i.e., 
Krohn teaches the presenting a X.509 certificate to a node [par. 17, lines 1-3; par. 19, 
linel]. The X.509 certificate inherently contains a version number for which can be 
checked. Krohn further teaches a intermediate node may inspect information sent 
[par.20, lines 1-2]). 

30. As to claim 41 , Krohn teaches a apparatus where the node is configured to check 
determine (i.e., inspect) a sequence number of the secure information (i.e., X.509 
certificate) to determine the age of the secure information (i.e., Krohn teaches the 
presenting a X.509 certificate to a node [par. 17, lines 1-3; par. 19, linel]. The X.509 
certificate inherently contains a sequence number for which can be checked. Krohn 
further teaches a intermediate node may inspect information sent [par.20, lines 1-2]). 
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31 . As to claim 42, Krohn teaches a apparatus where the node is configured to check 
(i.e., inspect) a date (i.e., validity) of modification of the secure information (i.e., X.509 
certificate) to determine the age of the secure information (i.e., Krohn teaches the 
presenting a X.509 certificate to a node [par. 17, lines 1-3; par. 19, linel]. The X.509 
certificate inherently contains a validity field for which validity can be check. Krohn 
further teaches a intermediate node may inspect information sent [par.20, lines 1-2]). 

32. As to claim 43, Krohn teaches a apparatus where the node is configured to check 
(i.e., inspect) an elapsed time (i.e., validity) since a previous modification of the secure 
information (i.e., X.509 certificate) to determine the age of the secure information (i.e., 
Krohn teaches the presenting a X.509 certificate to a node [par. 17, lines 1-3; par. 19, 
linel]. The X.509 certificate inherently contains a validity field for which validity can be 
check. Krohn further teaches a intermediate node may inspect information sent [par.20, 
lines 1-2]). 

33. As to claim 49, Krohn teaches a apparatus for secure information distribution 
between nodes, the apparatus comprising: 

means performing a handshake process (i.e., "hello message) between a first 
node and an adjacent node (i.e., intermediate node/identity provider) to determine 
membership (i.e., authorization) in a secure group (i.e., Krohn teaches sending a 
handshake message to a intermediate node (e.g. Identity provide) [Steps 1-8, fig .7]); 
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means for distributing secure information (i.e., SSL version number, identifier) to 
the adjacent node (i.e., identity provider), if the adjacent node is a member of the secure 
group (i.e., Krohn teaches a the "hello message" handshake includes a SSL version 
and unique device identifier [par. 128, lines 4- 10]) 

Krohn does not teach: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group; 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group; 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn as introduced by Balfanz. Balfanz 
discloses: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group (for 
purposes of a proving a key value in a handshake process Balfanz provides for the 
securing device and the potential member undertake a key exchange protocol of their 
choice to authenticate each other by ensuring that the public keys they use match the 
commitments made over the location-limited channel [col. 8, lines 34-43]); 



Application/Control Number: 10/812,607 Page 18 

Art Unit: 2431 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group (for the purpose of associated identifier value 
Balfanz provides for the securing device sends to the new member the new member 
certificate, the group root certificate, and any necessary supporting information about 
the group such that the new member can now establish communication with other group 
members [col. 8, lines 50-67]. 

Therefore, given the teachings of Balfanz, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn by employing the well known features of handshaking disclosed above by 
Balfanz, for which providing group membership to neighboring devices will be enhanced 
[col. 8, lines 50-67]. 

34. As to claim 50, Krohn teaches a article of manufacture, comprising: a machine- 
readable medium having stored thereon instructions to: 

perform a handshake process (i.e., "hello message) between a first node and an 
adjacent node (i.e., intermediate node/identity provider) to determine membership (i.e., 
authorization) in a secure group (i.e., Krohn teaches sending a handshake message to 
a intermediate node (e.g. Identity provide) [Steps 1-8, fig. 7]); 

distribute secure information (i.e., SSL version number, identifier) from the first 
node to the adjacent node (i.e., identity provider), if the adjacent node is proven to be a 
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member of the secure group (i.e., Krohn teaches a the "hello message" handshake 
includes a SSL version and unique device identifier [par. 128, lines 4-10]). 

Krohn does not teach: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group; 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
have membership in the secure group; 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn as introduced by Balfanz. Balfanz 
discloses: 

wherein the handshake process comprises requiring each of the first node and 
the adjacent node to prove a key value that is associated with the secure group (for 
purposes of a proving a key value in a handshake process Balfanz provides for the 
securing device and the potential member undertake a key exchange protocol of their 
choice to authenticate each other by ensuring that the public keys they use match the 
commitments made over the location-limited channel [col. 8, lines 34-43]); 

wherein each of the first node and the adjacent node has an identifier value that 
is associated with the secure group in order for the first node and the adjacent node to 
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have membership in the secure group (for the purpose of associated identifier value 
Balfanz provides for the securing device sends to the new member the new member 
certificate, the group root certificate, and any necessary supporting information about 
the group such that the new member can now establish communication with other group 
members [col. 8, lines 50-67]. 

Therefore, given the teachings of Balfanz, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn by employing the well known features of handshaking disclosed above by 
Balfanz , for which providing group membership to neighboring devices will be 
enhanced [col. 8, lines 50-67]. 

35. As to claim 51 , Krohn teachers a method where the handshake process further 
comprises: applying a one way function to the key value so that the one way function 
generates a calculated value y, and transmitting the calculated value y between the first 
node and the adjacent node (i.e., ... teaches a hashing function of a message digest 
and secret key [par. 158]. Examiner cites well known in the is the computing of a hash 
value and transmitting the value between communicating entities for purpose of 
authentication). 

36. As to claim 53, Krohn teaches a apparatus where the handshake process further 
comprises: applying a one way function to the key value so that the one way function 
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generates a calculated value y, and transmitting the calculated value y between the 
node and the adjacent node (i.e., ... teaches a hashing function of a message digest 
and secret key [par. 158]. Examiner cites well known in the is the computing of a hash 
value and transmitting the value between communicating entities for purpose of 
authentication). 

37. As to claim 55, Krohn teaches a apparatus where the handshake process further 
comprises: applying a one way function to the key value so that the one way function 
generates a calculated value y, and transmitting the calculated value y between the first 
node and the adjacent node (i.e., ... teaches a hashing function of a message digest 
and secret key [par. 158]. Examiner cites well known in the is the computing of a hash 
value and transmitting the value between communicating entities for purpose of 
authentication). 

38. As to claim 57, Krohn teaches a article of manufacture where the handshake 
process further comprises: applying a one way function to the key value so that the one 
way function generates a calculated value y, and transmitting the calculated value y 
between the first node and the adjacent node (i.e., ... teaches a hashing function of a 
message digest and secret key [par. 158]. Examiner cites well known in the is the 
computing of a hash value and transmitting the value between communicating entities 
for purpose of authentication). 
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39. Claims 52, 54, 56 and 58 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Krohn in view of Balfanz. 

A method where the first node belongs to the secure group if the first node 
contains the identifier value and proves the key value during the handshake 
process, wherein the adjacent node belongs to the secure group if the adjacent 
node contains the identifier value and proves the key value during the handshake 
process, and wherein the secure information is distributed only between nodes in 
the secure group (claim 52). 

A apparatus where the node belongs to the secure group if the node contains the 
identifier value and proves the key value during the handshake process, wherein 
the adjacent node belongs to the secure group if the adjacent node contains the 
identifier value and proves the key value during the handshake process, and 
wherein the secure information is distributed only between nodes in the secure 
group (claim 54). 

A apparatus where the first node belongs to the secure group if the first node 
contains the identifier value and proves the key value during the handshake 
process, wherein the adjacent node belongs to the secure group if the adjacent 
node contains the identifier value and proves the key value during the handshake 
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process, and wherein the secure information is distributed only between nodes in 
the secure group (claim 56). 

A article of manufacture where the first node belongs to the secure group if the 
first node contains the identifier value and proves the key value during the 
handshake process, wherein the adjacent node belongs to the secure group if 
the adjacent node contains the identifier value and proves the key value during 
the handshake process, and wherein the secure information is distributed only 
between nodes in the secure group (claim 58). 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn as introduced by Balfanz. Balfanz 
discloses: 

A method where the first node belongs to the secure group if the first node 
contains the identifier value and proves the key value during the handshake 
process, wherein the adjacent node belongs to the secure group if the adjacent 
node contains the identifier value and proves the key value during the handshake 
process, and wherein the secure information is distributed only between nodes in 
the secure group (for the purpose of secure group affiliation communicating as a 
result of a shared identifier and key Balfanz provides for the securing device 
sends to the new member the new member certificate, the group root certificate, 
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and any necessary supporting information about the group such that the new 
member can now establish communication with other group members [col. 8, 
lines 50-67] (claim 52). 

A apparatus where the node belongs to the secure group if the node contains the 
identifier value and proves the key value during the handshake process, wherein 
the adjacent node belongs to the secure group if the adjacent node contains the 
identifier value and proves the key value during the handshake process, and 
wherein the secure information is distributed only between nodes in the secure 
group (for the purpose of secure group affiliation communicating as a result of a 
shared identifier and key Balfanz provides for the securing device sends to the 
new member the new member certificate, the group root certificate, and any 
necessary supporting information about the group such that the new member can 
now establish communication with other group members [col. 8, lines 50-67] 
(claim 54). 

A apparatus where the first node belongs to the secure group if the first node 
contains the identifier value and proves the key value during the handshake 
process, wherein the adjacent node belongs to the secure group if the adjacent 
node contains the identifier value and proves the key value during the handshake 
process, and wherein the secure information is distributed only between nodes in 
the secure group (for the purpose of secure group affiliation communicating as a 
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result of a shared identifier and key Balfanz provides for the securing device 
sends to the new member the new member certificate, the group root certificate, 
and any necessary supporting information about the group such that the new 
member can now establish communication with other group members [col. 8, 
lines 50-67] (claim 56). 

A article of manufacture where the first node belongs to the secure group if the 
first node contains the identifier value and proves the key value during the 
handshake process, wherein the adjacent node belongs to the secure group if 
the adjacent node contains the identifier value and proves the key value during 
the handshake process, and wherein the secure information is distributed only 
between nodes in the secure group (for the purpose of secure group affiliation 
communicating as a result of a shared identifier and key Balfanz provides for the 
securing device sends to the new member the new member certificate, the group 
root certificate, and any necessary supporting information about the group such 
that the new member can now establish communication with other group 
members [col. 8, lines 50-67] (claim 58). 

Therefore, given the teachings of Balfanz, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn by employing the well known features of handshaking disclosed above by 
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Balfanz, for which providing group membership to neighboring devices will be enhanced 
[col. 8, lines 50-67]. 

40. Claims 1 1 , 1 3, 20, 21 , 35, 37, 44 and 45 are rejected under 35 U.S.C. 1 03(a) as 
being unpatentable over Krohn in view Balfanz as applied to claims 1 and 25, further in 
view of Benantar et al. (US Patent No. 6,854,056 and Benantar hereinafter). 

41 . As to claims 1 1 , 1 3, 20 and 21 , the system disclosed by Krohn discloses 
substantial features of the claimed invention. However, Krohn in view Balfanz fails to 
disclose; 

A method where the secure information comprises a password (claim 11). 
A method further comprising distributing secure information to each adjacent 
node that is a member of the secure group, in response to an update of the 
secure information (claim 13). 

A method further comprising: resolving an ambiguity between a received updated 
secure information and currently stored secure information by selecting the 
secure information with a larger data value (claim 20). 
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A method further comprising increasing a security of the secure group by 
widening a secure group key (SGK) value which is known by each node in the 
secure group (claim 21). 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn in view Balfanz as introduced by 
Benantar. Benantar discloses: 

A method where the secure information comprises a password (claim 11 ) (to 
provide password capability with X.509 certificate base authentication [col. 2, 
lines 9-12]). 

A method further comprising distributing (e.g., generate) secure information to 
each adjacent node that is a member of the secure group, in response to an 
update of the secure information (claim 13) (to distribute the newly generated 
secure information [col. 8, lines 60-67]). 

A method further comprising: resolving an ambiguity between a received updated 
secure information and currently stored secure information by selecting the 
secure information with a larger data value (claim 20) (to provide the capability to 
reconcile received information with stored information [col. 6, lines 45-50]). 
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A method further comprising increasing a security of the secure group by 
widening a secure group key (SGK) value which is known by each node in the 
secure group (claim 21) (to provide a secure group key thus enabling everyone 
to have the capability of trusted interaction [col. 4, lines 35-45]). 

Therefore, given the teachings of Benantar, a person having ordinary skill in the art at 
the time of the invention would have recognized the desirability and advantage of 
modifying Krohn in view Balfanz by employing the well known feature of a password use 
in X.509 certificate-base authentication as disclosed above by Benantar, for which 
secure communication will be enhanced [col. 2, lines 9-12]. 

42. As to claims 35, 37, 44 and 45, the system disclosed by Krohn in view Balfanz 
discloses substantial features of the claimed invention. However, Krohn in view Balfanz 
fails to disclose; 

A apparatus where the secure information comprises a password (claim 35). 

A apparatus where the node is configured to distribute the secure information to 
each adjacent node that is a member of the secure group, in response to an 
update of the secure information (claim 37). 
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A apparatus where the node is configured to resolve an ambiguity between a 
received updated secure information and currently stored secure information by 
selecting the secure information with a larger data value (claim 44). 

A apparatus where the node is configured to increase a security of the secure 
group by widening the key value which is known by each node in the secure 
group (claim 45). 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn in view Balfanz as introduced by 
Benantar. Benantar discloses: 

A apparatus where the secure information comprises a password (claim 35) (to 
provide password capability with X.509 certificate base authentication [col. 2, 
lines 9-12]). 

A apparatus where the node is configured to distribute (e.g., generate) the 
secure information to each adjacent node that is a member of the secure group, 
in response to an update of the secure information (claim 37) (to distribute the 
newly generated secure information [col. 8, lines 60-67]). 

A apparatus where the node is configured to resolve an ambiguity between a 
received updated secure information and currently stored secure information by 
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selecting the secure information with a larger data value (claim 44) (to provide 
the capability to reconcile received information with stored information [col. 6, 
lines 45-50]). 

A apparatus where the node is configured to increase a security of the secure 
group by widening the key value which is known by each node in the secure 
group (claim 45) (to provide a secure group key thus enabling everyone to have 
the capability of trusted interaction [col. 4, lines 35-45]). 

Therefore, given the teachings of Benantar, a person having ordinary skill in the art at 
the time of the invention would have recognized the desirability and advantage of 
modifying Krohn in view Balfanz by employing the well known feature of a password use 
in X.509 certificate-base authentication as disclosed above by Benantar, for which 
secure communication will be enhanced [col. 2, lines 9-12]. 

43. Claims 14, 15, 23, 24, 38, 39, 47 and 48 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Krohn in view Balfanz , as applied to claim 1 and 25, further in 
view of Hafer (US Patent No. 4,530,092). 

44. As to claims 14, 15, 23 and 24, the system disclosed by Krohn in view Balfanz 
discloses substantial features of the claimed invention. 
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However, Krohn in view Balfanz fails to disclose; 

A method where the action of performing the handshake process comprises: 
performing the handshake process with the adjacent node once for every fixed 
time amount T (claim 14). 

A method further comprising: after detecting the presence of another node that is 
not in an adjacency set, attempting to handshake with that another node if a 
detecting node and the another node both have a handshake time remaining 
value of zero (0) (claim 1 5). 

A method further comprising: allowing for rapid construction of the secure group 
by transmitting a burst of NB handshakes for every amount of time TB, where NB 
is the number of handshakes and TB is a time amount between burst of 
handshakes (claim 23). 

A method further comprising: preventing a single node in the secure group from 
attempting to handshake with numerous nodes to avoid excessive joins, by 
establish membership with one adjacent node at a time, and waiting at time TW + 
TR between handshake attempts, where TW is a fixed configurable time amount 
and TR is a random amount of time that is bounded by a user-specified bound 
range (claim 24). 
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However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn in view Balfanz as introduced by Hafer. 
Hafer discloses: 

A method where the action of performing the handshake process comprises: 
performing the handshake process with the adjacent node once for every fixed 
time (i.e., time slot) amount T (claim 14) (to provide time base handshaking 
capability [col. 9, lines 40-45]). 

A method further comprising: after detecting the presence of another node that is 
not in an adjacency set, attempting to handshake with that another node if a 
detecting node and the another node both have a handshake time remaining 
value of zero (0) (claim 15) (to provide time base handshaking capability [col. 9, 
lines 40-45]). 

A method further comprising: allowing for rapid construction of the secure group 
by transmitting a burst (e.g., broadcasting ) of NB handshakes (i.e., 
acknowledgement) for every amount of time TB, where NB is the number of 
handshakes (i.e., acknowledgement) and TB is a time amount between burst 
(e.g., broadcasting ) of handshakes (i.e., acknowledgement) (claim 23) (to 
provide time base handshaking capability [col. 9, lines 40-45]). 
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A method further comprising: preventing a single node in the secure group from 
attempting to handshake with numerous nodes to avoid excessive joins, by 
establish membership with one adjacent node at a time, and waiting at time TW + 
TR (i.e., common clock signal) between handshake attempts, where TW is a 
fixed configurable time amount and TR is a random amount of time that is 
bounded by a user-specified bound range (claim 24) (to provide time slot 
allocation capability to communicate between adjoining nodes members [col. 9, 
lines 40-45]. 

Therefore, given the teachings of Hafer, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn in view Balfanz by employing the well known feature of time based 
acknowledgement (e.g., handshaking) and broadcasting (e.g., burst) capability 
disclosed above by Hafer, for which secure communication will be enhanced [col. 2, 
lines 9-12]. 

45. As to claims 38, 39, 47 and 48, the system disclosed by Krohn in view Balfanz 
discloses substantial features of the claimed invention. 

However, Krohn in view Balfanz fails to disclose; 
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A apparatus where the node is configured to perform the handshake process 
with the adjacent node once for every fixed time amount T (claim 38). 

A apparatus where the node is configured to attempt to handshake with another 
node if the node and the another node both have a handshake time remaining 
value of zero (0) (claim 39). 

A apparatus where the node is configured to allow for rapid construction of the 
secure group by transmitting a burst of NB handshakes for every amount of time 
TB, where NB is the number of handshakes and TB is a time amount between 
burst of handshakes (claim 47). 

A apparatus where the node is prevented from attempting to handshake with 
numerous nodes to avoid excessive joins, by establish membership with one 
adjacent node at a time, and waiting at time TW + TR between handshake 
attempts, where TW is a fixed configurable time amount and TR is a random 
amount of time that is bounded by a user-specified bound range (claim 48). 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn in view Balfanz as introduced by Hafer. 
Hafer discloses: 
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A apparatus where the node is configured to perform the handshake process 
with the adjacent node once for every fixed time (i.e., time slot) amount T (claim 
38) (to provide time base handshaking capability [col. 9, lines 40-45]). 

A apparatus where the node is configured to attempt to handshake with another 
node if the node and the another node both have a handshake time remaining 
value of zero (0) (claim 39) (to provide time base handshaking capability [col. 9, 
lines 40-45]). 

A apparatus where the node is configured to allow for rapid construction of the 
secure group by transmitting a burst (e.g., broadcasting ) of NB handshakes (i.e., 
acknowledgement) for every amount of time TB, where NB is the number of 
handshakes and TB is a time amount between burst (e.g., broadcasting ) of 
handshakes (claim 47) (to provide time base handshaking capability [col. 9, lines 
40- 45]). 

A apparatus where the node is prevented from attempting to handshake with 
numerous nodes to avoid excessive joins, by establish membership with one 
adjacent node at a time, and waiting at time TW + TR (i.e., common clock signal) 
between handshake attempts, where TW is a fixed configurable time amount and 
TR is a random amount of time that is bounded by a user-specified bound range 
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(claim 48) (to provide time slot allocation capability to communicate between 
adjoining nodes members [col. 5, lines 19-27]). 

Therefore, given the teachings of Hafer, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn in view Balfanz by employing the well known feature of time based 
acknowledgement (e.g., handshaking) and broadcasting (e.g., burst) capability 
disclosed above by Hafer, for which secure communication will be enhanced [col. 9, 
lines 40-45]]. 

46. Claims 22 and 46 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Krohn in view Balfanz , as applied to claim 1 and 25, further in view of Levine et al. 
(US Patent Publication No. 2003/0061481 and Levine hereinafter). 

47. As to claims 22 and 46, the system disclosed by Krohn in view Balfanz discloses 
substantial features of the claimed invention. 

However, Krohn in view Balfanz fails to disclose; 

A method further comprising: decreasing an amount of time between symmetric 
key regeneration (TK) to increase the security of the secure group (claim 22). 
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A apparatus where the node is configured to decrease an amount of time 
between symmetric key regeneration (TK) to increase the security of the secure 
group (claim 46). 

However, these features are well known in the art and would have been an obvious 
modification of the system disclosed by Krohn in view Balfanz as introduced by Levine. 
Levine discloses: 

A method further comprising: decreasing an amount of time between symmetric 
key regeneration (TK) to increase the security of the secure group (claim 22) (to 
increase security between nodes by allocating symmetric keys for each node for 
which symmetric key regeneration is decrease [par. 65, lines 1-16]). 

A apparatus where the node is configured to decrease an amount of time 
between symmetric key regeneration (TK) to increase the security of the secure 
group (claim 46) (to increase security between nodes by allocating symmetric 
keys for each node for which symmetric key regeneration is decrease [par. 65, 
lines 1-16]). 

Therefore, given the teachings of Levine, a person having ordinary skill in the art at the 
time of the invention would have recognized the desirability and advantage of modifying 
Krohn in view Balfanz by employing the well known feature of symmetric key allocation 
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for each node disclosed above by Levine, for which symmetric key processing will be 
enhanced [par. 65, lines 1-16]. 

Response to Arguments 

19. Applicant's arguments with respect to claims 1-58 have been considered but are 
moot in view of the new ground(s) of rejection. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 
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